Security: use a secure random number generator

If not available, give an error. The user may also configure qpdf to use an insecure random number generator.
author: Jay Berkenbilt <ejb@ql.org> 2013-10-05 23:36:33 +0200
committer: Jay Berkenbilt <ejb@ql.org> 2013-10-18 16:45:12 +0200
commit: 4229457068d6a28cc11b506f127a7bb650ab18c1 (patch)
tree: 822ce1e1eccdcc4a819a5805403b884a3e04791d /include
parent: 25687ddd71885c1b0a74d3f3f4e011fadbfd40e0 (diff)
download: qpdf-4229457068d6a28cc11b506f127a7bb650ab18c1.tar.zst
1 files changed, 9 insertions, 3 deletions
diff --git a/include/qpdf/QUtil.hh b/include/qpdf/QUtil.hh
index 8bad535d..cbdc065c 100644
--- a/include/qpdf/QUtil.hh
+++ b/include/qpdf/QUtil.hh
@@ -108,12 +108,18 @@ namespace QUtil
     QPDF_DLL
     std::string toUTF8(unsigned long uval);
 
-    // Wrapper around random from stdlib.  Calls srandom automatically
-    // the first time it is called.
+    // If secure random number generation is supported on your
+    // platform and qpdf was not compiled with insecure random number
+    // generation, this returns a crytographically secure random
+    // number.  Otherwise it falls back to random from stdlib and
+    // calls srandom automatically the first time it is called.
     QPDF_DLL
     long random();
 
-    // Wrapper around srandom from stdlib.
+    // Wrapper around srandom from stdlib.  Seeds the standard library
+    // weak random number generator, which is not used if secure
+    // random number generation is being used.  You never need to call
+    // this method as it is called automatically if needed.
     QPDF_DLL
     void srandom(unsigned int seed);
author	Jay Berkenbilt <ejb@ql.org>	2013-10-05 23:36:33 +0200
committer	Jay Berkenbilt <ejb@ql.org>	2013-10-18 16:45:12 +0200
commit	4229457068d6a28cc11b506f127a7bb650ab18c1 (patch)
tree	822ce1e1eccdcc4a819a5805403b884a3e04791d /include
parent	25687ddd71885c1b0a74d3f3f4e011fadbfd40e0 (diff)
download	qpdf-4229457068d6a28cc11b506f127a7bb650ab18c1.tar.zst